r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f5e46725831d8d722872bf68d752f4c5
cf37793a1b73e3f84fe6c37fb27382c83b49dbc0
0582b6180687dd95c7fd728f1b9db4495b807151e309b608ad203d69708f9da6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13462
Expires: Tue, 24 Jan 2023 09:54:49 GMT
Date: Tue, 24 Jan 2023 06:10:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20701
Expires: Tue, 24 Jan 2023 11:55:28 GMT
Date: Tue, 24 Jan 2023 06:10:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10822
Expires: Tue, 24 Jan 2023 09:10:49 GMT
Date: Tue, 24 Jan 2023 06:10:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 05:35:05 GMT
content-type: application/json
age: 2122
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 02Nc81P0PsUtYc2jw8ZTVvyS18GioIds4JhSyO0JIWaMIMaUlLA8myn3FzAn89pMc+W6SUPuoNsLz4KZo+qRIA==
x-amz-request-id: C39V0HK620AJS398
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 05:48:01 GMT
age: 1346
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 06:10:27 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/eng/gate.php
194.36.141.112301 Moved Permanently 0 B URL HTTP/1.1 www.sobeteracotafancris.ro/eng/gate.php
IP 194.36.141.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /eng/gate.php HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: https://www.sobeteracotafancris.ro/eng/gate.php
content-length: 0
date: Tue, 24 Jan 2023 06:10:27 GMT
server: LiteSpeed
vary: User-Agent
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 05:17:31 GMT
age: 3176
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bb280016d8f12fa0a6ae86792ba89e67
53188091dab8e35ba20d2e341624777c2fb1536a
c28ed8dc9af97c7096f60030048432a41fb853e81ea91208e91493784d382bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6328
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:28 GMT
Last-Modified: Tue, 24 Jan 2023 04:25:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.165.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TNjMZlumQKm8MT/5AQW/ag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eGaVka3Kn9rJeYEZCsr2OWr5Xcg=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2186
Expires: Tue, 24 Jan 2023 06:46:54 GMT
Date: Tue, 24 Jan 2023 06:10:28 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2186
Expires: Tue, 24 Jan 2023 06:46:54 GMT
Date: Tue, 24 Jan 2023 06:10:28 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2186
Expires: Tue, 24 Jan 2023 06:46:54 GMT
Date: Tue, 24 Jan 2023 06:10:28 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2186
Expires: Tue, 24 Jan 2023 06:46:54 GMT
Date: Tue, 24 Jan 2023 06:10:28 GMT
Connection: keep-alive
www.sobeteracotafancris.ro/eng/gate.php
194.36.141.112404 Not Found 22 kB URL HTTP/2 www.sobeteracotafancris.ro/eng/gate.php
IP 194.36.141.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (31614), with CRLF, LF line terminators
Hash e3d30b2322987b96b16ea665cd066c6c
76a23074c84c83ce9737cea76d89f4f015668aba
6f74175a4faabf862f8599d075be49c065e0781a81a5dc58a9b5f0dcb1301219
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /eng/gate.php HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.sobeteracotafancris.ro/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3Ke5d5WguVrF_Phnhu9ojzN5Md0VkYnFfxKNoh5HHrmHwPI90IAIdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 04:49:41 GMT
age: 4847
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2186
Expires: Tue, 24 Jan 2023 06:46:54 GMT
Date: Tue, 24 Jan 2023 06:10:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c29ea116f715297b757c81dab8d1b5f3
6aae9d763dec58740cdfbfe46f6c69986b81414d
09afde8ec60dd1471e0ce33ed11ae4542b6813ad02e2abf037629a8ae5cfe240
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12102
x-amzn-requestid: 54ba881d-c54b-49fa-a5b3-20b8d80f2a35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyrNG1AIAMFxTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe47-1acbf1c34a4dbfdd506d3383;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHA4jmrQvf2RWyPB4RRjQNr_zvaDR07EMo2oHUT12GAE9QbTP3umnA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:04:53 GMT
age: 29135
etag: "6aae9d763dec58740cdfbfe46f6c69986b81414d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F482af31b-26f9-44ae-89f6-e5d525da0b94.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F482af31b-26f9-44ae-89f6-e5d525da0b94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 04af13ec975466fc3ef272576a3f152d
da2919e43cb4870ec1069a317a92972efeecf6a7
927033473cf2325ea89714abce53a15e95a0445982f974796e92d92b677e7ce5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F482af31b-26f9-44ae-89f6-e5d525da0b94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6979
x-amzn-requestid: 219af615-0af6-4614-912a-a92081806773
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyw-GPpIAMFo4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe6c-14cfd71a76ab5e5251061abf;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: --fbhmeBDMcDvYgc4wxQp5sJ83R83L3AJJ3vMzcBem5N20NQr-kwGw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:15:41 GMT
etag: "da2919e43cb4870ec1069a317a92972efeecf6a7"
content-type: image/jpeg
age: 28487
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 056caf4190dfd50ec8ccd4c81906a3aa
a913fcf6f7e4250c70ea97e55d0f1cce5b144c50
1747b399960d4953c1154e1185afd9429f519799ac443e486042bd64b31183ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7768
x-amzn-requestid: 1acc401a-ede6-4079-8bdc-cbee1b1bfab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-BF4coAMF72A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca859-32a96bef2c041ade5f0fb021;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V2VY8s0VM4Dl6c88tWYw3v3VSzc1ZQs9MlF6b-pvw-tb31Dn6cqPmg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 04:23:40 GMT
age: 6408
etag: "a913fcf6f7e4250c70ea97e55d0f1cce5b144c50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
194.36.141.112200 OK 11 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 194.36.141.112:0
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 21:46:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10946
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
194.36.141.112200 OK 848 B URL HTTP/2 www.sobeteracotafancris.ro/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
IP 194.36.141.112:0
Hash c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Mon, 11 Oct 2021 07:40:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 848
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WZE7yDAT_YRseW7m410pGAwkWAwJ2HmuTlg2IbSvCbN20SJbmQ4Odg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:06:36 GMT
age: 29032
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.3.1
194.36.141.112200 OK 6.8 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.3.1
IP 194.36.141.112:0
File type ASCII text, with very long lines (29418), with CRLF line terminators
Hash c93ecbf2ac43754510e6d4329603400b
95e0661fb65a642c4ee6ab15c1de8565a8b15dcc
c95b05980f9f60c649e3fa580f2db69846a831f683f3a5fbc87e07987fde4586
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.3.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:39:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6802
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/style.css?ver=17.8.4
194.36.141.112200 OK 284 B URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/style.css?ver=17.8.4
IP 194.36.141.112:0
Hash 1977b66ae42e43541e03fa407835ede6
669794fe401533ebc5990f6174eda01b4191c1e2
3521c4873ac88cb86b5a117a13b1274666be77bcade661565de0d89ea74c8a4e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/betheme/style.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-length: 284
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/css/base.css?ver=17.8.4
194.36.141.112200 OK 12 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/css/base.css?ver=17.8.4
IP 194.36.141.112:0
File type ASCII text, with very long lines (2051)
Hash 68afd554fbc717548ab5baa69db32914
5e655de68296775ab488eb522b9631870793c87c
7d2011296003bfc0ea966a52ebbe58603176b49099b437cfe23a9a280a2f1c07
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/betheme/css/base.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11583
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.sobeteracotafancris.ro/wp-content/themes/betheme/css/shortcodes.css?ver=17.8.4
194.36.141.112200 OK 22 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/css/shortcodes.css?ver=17.8.4
IP 194.36.141.112:0
File type ASCII text, with very long lines (404)
Hash 90a1589e6a0aa6629a1d6b5893137839
557d1c76da2effebc6b582d7a7f0ab84c2b7fd23
8b37f539d6aa62aa860aef92bdc53f6ad0941f5dc898917b4e763e4b0c0271e7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/betheme/css/shortcodes.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 21490
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/css/layout.css?ver=17.8.4
194.36.141.112200 OK 18 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/css/layout.css?ver=17.8.4
IP 194.36.141.112:0
File type ASCII text, with very long lines (401)
Hash 82b0c4a5383231120edd7f9f782c5dcb
25ceb5d2d1d62fc18c6da2b0690a10a0603093a7
41d5dd30997e385b7a5113160ab67ac9eb4a36c0061aa4a735d28c5d0dd66a6a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/betheme/css/layout.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 18484
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/animations/animations.min.css?ver=17.8.4
194.36.141.112200 OK 4.4 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/animations/animations.min.css?ver=17.8.4
IP 194.36.141.112:0
File type ASCII text, with very long lines (58508), with no line terminators
Hash 5c5fe8aa13d58b843d84f4a6e2e83632
2c3ee79ef50ac467448065b88a6eb1d4f1d38f41
edf9e107f9c9afea6091fb4a95408ff3318e4e03b2cbe446935a048d6b3522f1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4426
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=17.8.4
194.36.141.112200 OK 3.1 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=17.8.4
IP 194.36.141.112:0
File type ASCII text, with very long lines (365)
Hash d8e397de9b1352c0c71a9370d50fbb17
a21d7c1328f2052be377b901ad9c29afbfd4b761
d5e713edac70f4c255f476effe10ee8190e7dc408f13c96f4dbf79461bef97d3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/betheme/assets/ui/jquery.ui.all.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3149
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=17.8.4
194.36.141.112200 OK 2.0 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=17.8.4
IP 194.36.141.112:0
Hash 7de2182f2c6379155b42e71392eae898
03ecb41aa42ff79dfdc81de08078fc1c64b42969
c80cc1180b321bece83d80957c5c04672ee20432e2de420e8f2e87957def17cf
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1962
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
194.36.141.112200 OK 30 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 194.36.141.112:0
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 19:37:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30273
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/css/responsive.css?ver=17.8.4
194.36.141.112200 OK 9.3 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/css/responsive.css?ver=17.8.4
IP 194.36.141.112:0
File type ASCII text, with very long lines (612)
Hash 8f3df104e4cab2ac30db8f2083e991c9
265aa999d03d4178f8a8f86a08b187bad102e647
e7855396a2d727742dedaa288572467891ff55d0dc5b77c6314f6d312f1d5b45
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/betheme/css/responsive.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9296
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/css/skins/gold/style.css?ver=17.8.4
194.36.141.112200 OK 3.7 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/css/skins/gold/style.css?ver=17.8.4
IP 194.36.141.112:0
File type ASCII text, with very long lines (318)
Hash 7cd9857a07ba043a81aff1b373f0d82b
a2f8260ffa638ebd64bc7041dd5473fd0a70c8d1
9f65fada4c8cf08dc42185c79d2b8c29c0341a6332ad8302326fefd22feb8881
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/betheme/css/skins/gold/style.css?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3700
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
194.36.141.112200 OK 4.0 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 194.36.141.112:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 13:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3995
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0.3
194.36.141.112200 OK 966 B URL HTTP/2 www.sobeteracotafancris.ro/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0.3
IP 194.36.141.112:0
File type ASCII text, with very long lines (5326), with no line terminators
Hash 48cf0bd214254b0d3f4fcf6ca2eef55b
bd9baa2beb0a401d5e98f21f0ba5590592b949fc
97c70401af16ee85f949db582f98fab6d416455aa6be6448321a0bcf55826b2e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=6.0.3 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: text/css
last-modified: Wed, 01 Jun 2022 06:39:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 966
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
194.36.141.112200 OK 2.4 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 194.36.141.112:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 15:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2354
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/plugins/right-click-disable-orignal/rightclickdisable.js?ver=6.0.3
194.36.141.112200 OK 190 B URL HTTP/2 www.sobeteracotafancris.ro/wp-content/plugins/right-click-disable-orignal/rightclickdisable.js?ver=6.0.3
IP 194.36.141.112:0
Hash 8311b286dcf9251ff07dcd650b6e069e
042dd3baa3fa332c05b6528dc37a5f603fe7617f
68cac90431f771257dc3ec04fd0adccf63b6602ef714b77236a272fef0d03695
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/right-click-disable-orignal/rightclickdisable.js?ver=6.0.3 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Mon, 09 Nov 2020 13:42:54 GMT
accept-ranges: bytes
content-length: 190
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0
194.36.141.112200 OK 1.8 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0
IP 194.36.141.112:0
File type ASCII text, with very long lines (8428), with no line terminators
Hash 9237cae5604b5d12484f699c74d1f156
08ec90bc0bd5e1f0ca86cf43e860e3f83fb2b9ad
1aa3e51dbfaa36ad1374a37ace707fe28ba519f7ad3ab7ce398c654ef1a52906
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.3.0 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 01 Jun 2022 06:39:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1782
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.3.1
194.36.141.112200 OK 37 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.3.1
IP 194.36.141.112:0
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash 43fdfea312349df889f659e31b6adb6a
bedc4e2532f363164a4b0324a7f891633be15756
952adbf6189b590337d34ba599c204940b990226647abe2b614fa55d2b92386c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.3.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:39:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 37077
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1
194.36.141.112200 OK 17 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1
IP 194.36.141.112:0
File type ASCII text, with very long lines (64278), with CRLF line terminators
Hash 7984f11390a4317be840a9f9e768a177
c1c8bfe79b7d9ab752c5837d9bdac4ec2d1eb70d
f84b6a19f2f4aff0a0c8783b6c7f44b36a4ac4be111efd0bf195ba2c20afbefa
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.3.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:39:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 17204
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
194.36.141.112200 OK 3.1 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP 194.36.141.112:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash 7b3d5adb95a380672e7d5da68b57b3c0
58db2566c56407e29d4557d912663b36ec328b14
aaa8914b936896ede7bb53ba3a4273d63bf82ed918efe0cfac6f2b3f4641a423
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 05:45:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3050
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
194.36.141.112200 OK 6.6 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 194.36.141.112:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 23:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6637
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
194.36.141.112200 OK 3.8 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP 194.36.141.112:0
File type ASCII text, with very long lines (11760)
Hash cf07f8ed6f9f97c95566c2b77872c681
6b9c0b5521255b6b1dd77c1a0569224de7cc351c
c31ec4601e031d50be0b5732b8b22ed7055c990de764617f37093de9004ef206
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 23:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3760
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
194.36.141.112200 OK 1.0 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 194.36.141.112:0
File type ASCII text, with very long lines (3233)
Hash 9e26fdd5e87f346b6419a2f81e6b3fcb
ae55a3391e61ef838c8b352738e27417f4a88ad3
889b8ea6140d0999ba175bd4d8e13966def1de6a67e7ae4ba9c0b8ce2d4ccf85
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 23:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1000
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
194.36.141.112200 OK 2.6 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1
IP 194.36.141.112:0
File type ASCII text, with very long lines (8632)
Hash d907b8e007d5ed72022815b9ccc95f11
e77303ded461745c207af9d76cf91c8b32a46e3e
a90b61a5e379b42615eebab01de76934200af87a50bd10c7f78690ee210d6c83
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 23:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2645
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
194.36.141.112200 OK 6.3 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1
IP 194.36.141.112:0
File type HTML document, ASCII text, with very long lines (25274)
Hash a7e69a1542d0a43eddc8317544f17b1e
98e234ad57bc3362434b19a9706a12a208a6da9e
7ae4fdd186ab6ef0c5d2548e9bfb916e9c8556cffaf098ac2cfe1799fa9ab803
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/sortable.min.js?ver=1.13.1 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 23:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6330
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/js/menu.js?ver=17.8.4
194.36.141.112200 OK 786 B URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/js/menu.js?ver=17.8.4
IP 194.36.141.112:0
Hash b249852f15a52140ee19652056645405
7388ae07ca72cf206dac5b77a1f8f8b090c1eb12
8f625c15072a2506121029b2497a976f622c57394dc685486c4f00ae967bdd04
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/betheme/js/menu.js?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 786
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.8.4
194.36.141.112200 OK 547 B URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.8.4
IP 194.36.141.112:0
File type ASCII text, with very long lines (1723)
Hash da5e15e27446aebcbad9a1145cedf225
99a77f09e21fe97a048017d217d92e1a158df376
e6a52e6b7b24d6cf9b8baaaab5eca47304f0a7bce3df950b7edcd8479240af90
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 547
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.8.4
194.36.141.112200 OK 12 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.8.4
IP 194.36.141.112:0
File type ASCII text, with very long lines (634)
Hash b68168e0a22ec788141119157f946f19
dd48d653067b16138abc84bc59c8055c258decea
d8ae89b74017b5900d097fa4f4f48dd0bcf02b545b3331130aff64653ac29d37
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12401
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/js/plugins.js?ver=17.8.4
194.36.141.112200 OK 52 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/js/plugins.js?ver=17.8.4
IP 194.36.141.112:0
File type ASCII text, with very long lines (32011)
Hash 35bb7e3d5fb0c34732555835dc6ec85b
88e97726988e89b23ea30592029f7163e6fe4304
bcc7d769c535cc8b34d2d52b20cd333ede7c7683b9f19e25c45f99ebd6eb41e9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/betheme/js/plugins.js?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 52308
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/js/scripts.js?ver=17.8.4
194.36.141.112200 OK 13 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/js/scripts.js?ver=17.8.4
IP 194.36.141.112:0
Hash 8919a55bcf73b6de09ee3f0028c53c81
d0475ff336e5f18ddab1c7339d83e5f18363cb43
43e2de2b2d29bb94805e4ca60e2220e0e70d74daed8d7407e6e172eb8ba4f2c3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/betheme/js/scripts.js?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 13297
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.8.4
194.36.141.112200 OK 1.6 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.8.4
IP 194.36.141.112:0
Hash 8298080669fed5b5bd751cf84c62fc68
b020542e267556e2168634e4fad1b6cb46fe625a
39bfeaf891a54294063810cdf74089c3d1d27ff92b95d98b847e2e3f477a83f8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=17.8.4 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1579
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
194.36.141.112200 OK 4.6 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 194.36.141.112:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 09:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4619
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/alegreyasans/v24/5aUz9_-1phKLFgshYDvh6Vwt7VptvQ.woff2
216.58.207.227200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/alegreyasans/v24/5aUz9_-1phKLFgshYDvh6Vwt7VptvQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21820, version 1.0\012- data
Hash d9eb1619ec469775fc634c44ed34e7d9
4ea252177e86b3f8390512caf26ab112b8b11f03
358b77e66f715be7f5676feec15e05ec8292a165f99ea95b345cf87adc075ede
GET /s/alegreyasans/v24/5aUz9_-1phKLFgshYDvh6Vwt7VptvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sobeteracotafancris.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 00:56:25 GMT
expires: Mon, 22 Jan 2024 00:56:25 GMT
cache-control: public, max-age=31536000
age: 191644
last-modified: Wed, 07 Dec 2022 17:51:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.sobeteracotafancris.ro/wp-content/themes/betheme/fonts/mfn-icons.woff?23391439
194.36.141.112200 OK 81 kB URL HTTP/2 www.sobeteracotafancris.ro/wp-content/themes/betheme/fonts/mfn-icons.woff?23391439
IP 194.36.141.112:0
File type Web Open Font Format, TrueType, length 80636, version 1.0\012- data
Hash 3da843d15ed5d4d39e269cfbad8345fb
1d915a3fd051f9e9cf6f545dfe31939fdb368738
f6134456d89988ada75cfdf21df40c6abdccccf01b48a669add0223f3fa38ec4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/betheme/fonts/mfn-icons.woff?23391439 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/wp-content/themes/betheme/css/base.css?ver=17.8.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: font/woff
last-modified: Wed, 04 Nov 2020 12:37:31 GMT
accept-ranges: bytes
content-length: 80636
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
fonts.gstatic.com/s/alegreyasans/v24/5aUu9_-1phKLFgshYDvh6Vwt5fFPqEp2iw.woff2
216.58.207.227200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/alegreyasans/v24/5aUu9_-1phKLFgshYDvh6Vwt5fFPqEp2iw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21496, version 1.0\012- data
Hash 43fc644dca9feec31fda0887a4fd7451
ef9a6f172f3eeb6e94cf9d01c85826a5b30234a6
3975d32ad727a7a56954c0491bee4af7ff1f3578cd3fc27c53802f3f604b2f05
GET /s/alegreyasans/v24/5aUu9_-1phKLFgshYDvh6Vwt5fFPqEp2iw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sobeteracotafancris.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21496
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 19:40:11 GMT
expires: Tue, 23 Jan 2024 19:40:11 GMT
cache-control: public, max-age=31536000
age: 37818
last-modified: Wed, 07 Dec 2022 18:13:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/alegreyasans/v24/5aUt9_-1phKLFgshYDvh6Vwt7V9dv21T.woff2
216.58.207.227200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/alegreyasans/v24/5aUt9_-1phKLFgshYDvh6Vwt7V9dv21T.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22404, version 1.0\012- data
Hash eded078156f1437b04fdff58fc1bc9fc
7623a93583add5e71039e436659600a0d513f145
e47ef21c70a3d03dc1bb7a44a728e7aa0e7c767c2d44a69c7baa52366effd113
GET /s/alegreyasans/v24/5aUt9_-1phKLFgshYDvh6Vwt7V9dv21T.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.sobeteracotafancris.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:16:08 GMT
expires: Tue, 23 Jan 2024 18:16:08 GMT
cache-control: public, max-age=31536000
age: 42861
last-modified: Wed, 07 Dec 2022 18:04:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 06:10:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sobeteracotafancris.ro/wp-content/uploads/2020/11/logo-soba.jpg
194.36.141.112200 OK 12 kB URL HTTP/2 sobeteracotafancris.ro/wp-content/uploads/2020/11/logo-soba.jpg
IP 194.36.141.112:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3\012- data
Hash f01dd4582e4aecb795bfcfb839839666
d36804d9ae882663f3e4298f3071db7945c2fbe0
07ce64eb5bd5f3abe06ebb0123b3059dee8453c3847127af87230a30bf35b24d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/11/logo-soba.jpg HTTP/1.1
Host: sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: image/jpeg
last-modified: Wed, 04 Nov 2020 13:46:28 GMT
accept-ranges: bytes
content-length: 11886
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7542f-09ef-434a-b70e-f01d4f85f536.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7542f-09ef-434a-b70e-f01d4f85f536.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d10c7ff2225305bb4fef88b5e162ce89
01b2c47ee2463194e3209da8572628bc64553b90
43aa59f214eb5d6ec153e68f0e5d164be9fc2ef408efc2bddc29f223fe984721
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7542f-09ef-434a-b70e-f01d4f85f536.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5390
x-amzn-requestid: 293c5b91-66f2-4c09-8c43-bb2c1a80d387
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyrPEAIoAMFbVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe47-7f8a124e65873e2a69527dfb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tyGLhuKsD5FALIW6cv0k4Jd3VwK1W1nYQfv6NBcjFQ74u0RRBnQECQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:56:47 GMT
etag: "01b2c47ee2463194e3209da8572628bc64553b90"
content-type: image/jpeg
age: 29628
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Alegreya+Sans%3A1%2C100%2C300%2C400%2C400italic%2C700&ver=6.0.3
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Alegreya+Sans%3A1%2C100%2C300%2C400%2C400italic%2C700&ver=6.0.3
IP 142.250.74.106:0
GET /css?family=Alegreya+Sans%3A1%2C100%2C300%2C400%2C400italic%2C700&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 24 Jan 2023 06:10:28 GMT
date: Tue, 24 Jan 2023 06:10:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.sobeteracotafancris.ro/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
194.36.141.112200 OK 0 B URL HTTP/2 www.sobeteracotafancris.ro/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 194.36.141.112:0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.sobeteracotafancris.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sobeteracotafancris.ro/eng/gate.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 31 Jan 2023 06:10:28 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 15:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6872
date: Tue, 24 Jan 2023 06:10:28 GMT
server: LiteSpeed
X-Firefox-Spdy: h2